This means that no responsible party will be held liable for not registering by 30 June 2021. This decision follows technical glitches with the registration portal and numerous concerns raised by responsible parties regarding the registration process.
The registration of a Chief Executive Officer (CEO) as an Information Officer for multiple legal entities has been taken into consideration and it will be permissible. The registration portal is currently being configured to accommodate these changes.
The Protection of Personal Information Act (POPIA) enforcement powers as promulgated by the President of South Africa in June 2020 will still be coming into effect as of the 1 July 2021. This means that all responsible parties should still ensure information is processed according to the Act. For responsible parties to be compliant with POPIA they are required amongst many actions to appoint and register their Information Officers (IO) with the Information Regulator and apply for Prior Authorisation before processing personal information.
Please note that the Information Regulator will also not take action if your internal process is not 100% in place by the 1 July. Enforcement Action will only be taken when a complaint is received from a data subject on a specific responsible party, or where information has been breached. As such responsible parties still have time after the 1 July to finalise their compliance measures as long as they mitigate the risks of non-compliance.
Click here to download the Media Statement: